source: postlfs/config/devices.xml@ 4de7ca7

Last change on this file since 4de7ca7 was 4de7ca7, checked in by Bruce Dubbs <bdubbs@…>, 4 years ago

Numerous typos and text corrections

git-svn-id: svn:// af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 8.5 KB
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
8<sect1 id="postlfs-devices" xreflabel="About Devices">
9 <?dbhtml filename="devices.html"?>
11 <sect1info>
12 <othername>$LastChangedBy$</othername>
13 <date>$Date$</date>
14 </sect1info>
16 <title>About Devices</title>
18 <indexterm zone="postlfs-devices">
19 <primary sortas="e-etc-udev-rules">/etc/udev/rules.d</primary>
20 </indexterm>
22 <para>Although most devices needed by packages in BLFS and beyond are set up
23 properly by <application>udev</application> using the default rules installed
24 by LFS in <filename class="directory">/etc/udev/rules.d</filename>, there are
25 cases where the rules must be modified or augmented.</para>
27 <para condition="html" role="usernotes">User Notes:
28 <ulink url="&blfs-wiki;/aboutdevices"/></para>
30 <sect2>
31 <title>Multiple Sound Cards</title>
33 <para>If there are multiple sound cards in a system, the "default"
34 sound card becomes random. The method to establish sound card order
35 depends on whether the drivers are modules or not. If the sound card
36 drivers are compiled into the kernel, control is via kernel command line
37 parameters in <filename>/boot/grub/grub.cfg</filename>. For example,
38 if a system has both an FM801 card and a SoundBlaster PCI card, the
39 following can be appended to the command line:</para>
41<screen><literal>snd-fm801.index=0 snd-ens1371.index=1</literal></screen>
43 <para>If the sound card drivers are built as modules, the order can be
44 established in the <filename>/etc/modprobe.conf</filename> file
45 with:</para>
47<screen><literal>options snd-fm801 index=0
48options snd-ens1371 index=1</literal></screen>
50 </sect2>
52 <sect2 id="usb-device-issues">
53 <title>USB Device Issues</title>
55 <para>USB devices usually have two kinds of device nodes associated with
56 them.</para>
58 <para>The first kind is created by device-specific drivers (e.g.,
59 usb_storage/sd_mod or usblp) in the kernel. For example, a USB mass storage
60 device would be /dev/sdb, and a USB printer would be /dev/usb/lp0. These
61 device nodes exist only when the device-specific driver is loaded.</para>
63 <para>The second kind of device nodes (/dev/bus/usb/BBB/DDD, where BBB is
64 the bus number and DDD is the device number) are created even if the device
65 doesn't have a kernel driver. By using these "raw" USB device nodes, an
66 application can exchange arbitrary USB packets with the device, i.e.,
67 bypass the possibly-existing kernel driver.</para>
69 <para>Access to raw USB device nodes is needed when a userspace program is
70 acting as a device driver. However, for the program to open the device
71 successfully, the permissions have to be set correctly. By default, due to
72 security concerns, all raw USB devices are owned by user root and group
73 usb, and have 0664 permissions (the read access is needed, e.g., for lsusb
74 to work and for programs to access USB hubs). Packages (such as SANE and
75 libgphoto2) containing userspace USB device drivers also ship udev rules
76 that change the permissions of the controlled raw USB devices. That is, rules
77 installed by SANE change permissions for known scanners, but not printers.
78 If a package maintainer forgot to write a rule for your device,
79 report a bug to both BLFS (if the package is there) and upstream, and
80 you will need to write your own rule.</para>
82 <para>There is one situation when such fine-grained access control with
83 pre-generated udev rules doesn't work. Namely, PC emulators such as KVM,
84 QEMU and VirtualBox use raw USB device nodes to present arbitrary USB
85 devices to the guest operating system (note: patches are needed in order to
86 get this to work without the obsolete /proc/bus/usb mount point described
87 below). Obviously, maintainers of these packages cannot know which USB
88 devices are going to be connected to the guest operating system. You can
89 either write separate udev rules for all needed USB devices yourself, or
90 use the default catch-all "usb" group, members of which can send
91 arbitrary commands to all USB devices. </para>
93 <para>Before Linux-2.6.15, raw USB device access was performed not with
94 /dev/bus/usb/BBB/DDD device nodes, but with /proc/bus/usb/BBB/DDD
95 pseudofiles. Some applications (e.g., VMware Workstation) still use only
96 this deprecated technique and can't use the new device nodes. For them to
97 work, use the "usb" group, but remember that members will have unrestricted
98 access to all USB devices. To create the fstab entry for the obsolete
99 usbfs filesystem:</para>
101<screen><literal>usbfs /proc/bus/usb usbfs devgid=14,devmode=0660 0 0</literal></screen>
103 <note><para>Adding users to the "usb" group is inherently insecure, as they
104 can bypass access restrictions imposed through the driver-specific USB
105 device nodes. For instance, they can read sensitive data from USB hard drives
106 without being in the "disk" group. Avoid adding users to this group, if
107 you can.</para></note>
109 </sect2>
111 <sect2>
112 <title>Udev Device Attributes</title>
114 <para>Fine-tuning of device attributes such as group name and permissions
115 is possible by creating extra <application>udev</application> rules,
116 matching on something like this. The vendor and product can be found by
117 searching the <filename class='directory'>/sys/devices</filename> directory
118 entries or using <command>udevadm info</command> after the device has been
119 attached. See the documentation in the current
120 <application>udev</application> directory of
121 <filename class='directory'>/usr/share/doc</filename> for details.</para>
123<screen><literal>SUBSYSTEM=="usb_device", SYSFS{idVendor}=="05d8", SYSFS{idProduct}=="4002", \
124 GROUP:="scanner", MODE:="0660"</literal></screen>
126 <note><para>The above line is used for descriptive purposes only. The
127 scanner <application>udev</application> rules are put into place when
128<!-- installing <xref linkend='sane'/>.</para></note>-->
129 installing <ulink url='&blfs-book;pst/sane.html'>sane</ulink>.</para></note>
131 </sect2>
134 <sect2>
135 <title>Multiple Network Interfaces</title>
138 </sect2>
141 <sect2>
142 <title>Devices for Servers</title>
144 <para>In some cases, it makes sense to disable
145 <application>udev</application> completely and create static devices.
146 Servers are one example of this situation. Does a server need the
147 capability of handling dynamic devices? Only the system administrator can
148 answer that question, but in many cases the answer will be no.</para>
150 <para>If dynamic devices are not desired, then static devices must be
151 created on the system. In the default configuration, the
152 <filename>/etc/rc.d/rcS.d/S10udev</filename> boot script mounts a
153 <systemitem class="filesystem">tmpfs</systemitem> partition over the
154 <filename class="directory">/dev</filename> directory. This problem can be
155 overcome by mounting the root partition temporarily:</para>
157 <warning><para>If the instructions below are not followed carefully, your
158 system could become unbootable.</para></warning>
161<screen><userinput>mount --bind / /mnt
162cp -a /dev/* /mnt/dev
163rm /etc/rc.d/rcS.d/{S10udev,S50udev_retry}
164umount /mnt</userinput></screen>
166 <para>At this point, the system will use static devices upon the next
167 reboot. Create any desired additional devices using
168 <command>mknod</command>.</para>
170 <para>If you want to restore the dynamic devices, recreate the
171 <filename>/etc/rc.d/rcS.d/{S10udev,S50udev_retry}</filename> symbolic
172 links and reboot again. Static devices do not need to be removed (console
173 and null are always needed) because they are covered by the <systemitem
174 class="filesystem">tmpfs</systemitem> partition. Disk usage for devices is
175 negligible (about 20&ndash;30 bytes per entry.)</para>
177 </sect2>
179 <sect2 id="dev-dvd">
180 <title>Devices for DVD Drives</title>
182 <para>If the initial boot process does not set up the
183 <systemitem>/dev/dvd</systemitem> device properly, it can
184 be installed using the following modification to the default udev rules.
185 As the <systemitem class="username">root</systemitem> user, run:</para>
187<screen><userinput>sed '1d;/SYMLINK.*cdrom/ a\
188KERNEL=="sr0", ENV{ID_CDROM_DVD}=="1", SYMLINK+="dvd", OPTIONS+="link_priority=-100"' \
189/lib/udev/rules.d/60-cdrom_id.rules > /etc/udev/rules.d/60-cdrom_id.rules</userinput></screen>
191 </sect2>
Note: See TracBrowser for help on using the repository browser.